Submissions
No
Date
Request
Urls
Hosts
IDS
Rule
Score
Zero
VT
Player
Etc
1
2024-08-06 10:05
ts.exe
6672b19a9ed11eb242c3b50aa23ccbf8
Malicious Library
.NET framework(MSIL)
UPX
PE File
.NET EXE
PE32
VirusTotal
Malware
suspicious privilege
Check memory
Checks debugger
unpack itself
Windows
Cryptographic key
2.8
28
ZeroCERT
2
2023-02-09 17:51
chrome.exe
c4cabd2cd46018ac8a424befcb16ade3
RAT
PE File
PE64
VirusTotal
Malware
MachineGuid
Checks debugger
unpack itself
Tofsee
Discord
DNS
2
cdn.discordapp.com(162.159.135.233) - malware
162.159.134.233 - malware
3
ET INFO Observed Discord Domain in DNS Lookup (discordapp .com)
ET INFO Observed Discord Domain (discordapp .com in TLS SNI)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
1.8
M
15
ZeroCERT
3
2022-09-30 11:18
Conferma di pagamento Bonifico...
219d16a6d7359a593e4df37ebd8eac5b
RAT
PE32
PE File
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Tofsee
ComputerName
2
lemendoza.com(192.185.16.97) - mailcious
192.185.16.97 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
2.8
31
ZeroCERT
4
2022-08-13 20:31
svchostt.exe
d2342983b69c1ba3de2d43ec598f6ac8
RAT
NPKI
PE32
PE File
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
2.6
M
54
ZeroCERT
5
2022-08-13 20:28
qqqqqqqq.exe
56ffe6d517eba59c3543bad66d269d09
RAT
PE File
PE64
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
3.2
44
ZeroCERT
6
2022-08-13 20:24
yess.exe
0866221ba6a6257326bb1b7f87209740
RAT
PE32
PE File
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
2.2
24
ZeroCERT
7
2022-08-13 20:18
cool.exe
ad73a25c6c7b5576275afe4b4ed984bc
RAT
PE32
PE File
.NET EXE
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
2.4
31
ZeroCERT
8
2022-07-22 09:35
os.exe
3e0559f907c481442d53ac625c3d98b0
RAT
PE32
.NET EXE
PE File
VirusTotal
Malware
Check memory
Checks debugger
unpack itself
ComputerName
2.4
30
ZeroCERT
9
2022-04-09 10:06
tsetup-x64.3.6.3.exe
e08621287c4c3b938ba43a90723bdf7a
RAT
PE32
.NET EXE
PE File
VirusTotal
Malware
MachineGuid
Check memory
Checks debugger
unpack itself
Check virtual network interfaces
Tofsee
2
bronsky.kiev.ua(185.66.90.243) - mailcious
185.66.90.243 - mailcious
1
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
3.0
M
41
ZeroCERT
10
2021-12-10 11:05
music.exe
316f9fb56988da7f8e356893f98ac756
RAT
email
stealer
Generic Malware
Antivirus
DNS
Code injection
KeyLogger
Escalate priviledges
Downloader
persistence
AntiDebug
AntiVM
PE File
PE32
.NET EXE
VirusTotal
Malware
powershell
suspicious privilege
MachineGuid
Code Injection
Malicious Traffic
Check memory
Checks debugger
buffers extracted
WMI
Creates shortcut
unpack itself
Windows utilities
powershell.exe wrote
Check virtual network interfaces
suspicious process
WriteConsoleW
Windows
ComputerName
DNS
Cryptographic key
crashed
1
http://20.51.217.113/mul/ConsoleApp13.bin
2
20.51.217.113 - malware
20.114.22.8
13.0
M
16
ZeroCERT
Total : 10cnts